Exploit " Word for Mac" Released

Yet again, an exploit has been released into the wild within days of Microsoft announcing the vulnerability. An exploit has been found in the wild for a Word vulnerability Microsoft patched on Oct. 9. Symantec said in a posting on Oct. 10 that it had gotten its hands on a Word for Mac document that […]

Yet again, an exploit has been released into the wild within days of Microsoft announcing the vulnerability.

An exploit has been found in the wild for a Word vulnerability Microsoft patched on Oct. 9.

Symantec said in a posting on Oct. 10 that it had gotten its hands on a Word for Mac document that contains shell code and three pieces of malware. The file kept crashing Word programs—with the exception of Office 2007—until the security company determined that it had been created using Word for Macintosh.

The document was, in fact, rigged to exploit a flaw that Microsoft has already seen in the wild and which the company patched earlier in the week.

The fast turnaround from Patch Tuesday to an exploit being released into the wild is a trend that shows no signs of slowing down, Symantec's Orla Cox noted in the posting. But the good news with this one, Cox said, is that at least default configurations in Office 2007 and Office 2003 Service Pack 3 offer protection to Windows users, by preventing users from opening certain Office file formats, including Office for Macintosh documents. Microsoft describes this protective behavior in this support document.

Microsoft, Microsoft Office, Office 2008, Office for Mac, Word for Mac, Security, Vulnerability, Bug, Exploit

Source:? eweek

About The Author

Deepak Gupta is a IT & Web Consultant. He is the founder and CEO of diTii.com & DIT Technologies, where he's engaged in providing Technology Consultancy, Design and Development of Desktop, Web and Mobile applications using various tools and softwares. Sign-up for the Email for daily updates. Google+ Profile.